Topics Map > IT Operations > Customer Support and Policies > VPN

Departmental VPN - Pulse Secure Client - Considerations

It's often confusing to tell when to use the Pulse Secure client, the Pulse Secure web interface, or the campus Cisco VPN. This article aims to eliminate some of the confusion and point out the most streamlined way to connect to your desired resource.

There are two main VPNs that the Engineering IT Service Desk supports: Cisco AnyConnect for UMD and Pulse Secure for Engineering, Math, and Physics secured services and networks. 

Both VPNs have their respective uses, and this document will explain the primary differences between the two and provide a couple of examples to help clarify which VPN is best to use in a particular situation.

The primary reason that we use both VPNs is to get inside of our campus/departmental firewalls. If we were to think about the firewalls as physical walls, the campus firewall is the main outer firewall (blue rectangle), and then within the campus firewall are smaller, more secure areas with more specific firewalls. In the diagram below, within the campus border you will see three distinct sections. This is just a sampling to show you some of the items that have been secured with more specific firewalls on campus. Those of you familiar with KFS and SIS, for example, will realize that to access those you need to use a specific Cisco VPN group.


vpn_firewall.png


If you want to access anything that is behind the blue wall, i.e anything else that needs to go through UMD’s Central Authentication System (CAS), you need to use Cisco AnyConnect to access it while not on campus networks. Apps like Hummingbird/Optix also require connection through the Cisco VPN, even when on campus.

If you are trying to access information stored in a departmental shared folder, or access your remote desktop for a computer on a departmental VLAN, you need to use Pulse Secure or the Cisco VPN with the UMaccess-MFA group.

In the diagram above, the Engineering college (which in the case of IT also includes Math and Physics) has its own firewall. Many of the resources for our departments are behind this specific firewall. This is why some items require the use of the Pulse Secure VPN or the Cisco VPN with the UMaccess-MFA group for access.

Below are a few examples of common reasons to use one of the VPNs, with corresponding instructions:

  1. Access the Hummingbird/SIS software from home: Use Cisco AnyConnect, with the UMaccess-MFA group.  See this link for more details https://ask.eng.umd.edu/internal/95539 . After logging in, you should be able to connect to SIS with Hummingbird/Mocha.

  1. Remote desktop to a staff machine: Once the machine you are connecting to is set up for remote desktop (you will need to work with the Service Desk for this), you need to use either the Pulse VPN or the Cisco VPN with the UMaccess-MFA group to access it.  Using Pulse, it is easy to click on "Connect to my Desktop" within the Pulse web client for access.  This link has more information on both options https://ask.eng.umd.edu/internal/95540

  1. Access a file that is stored in a BIOE shared folder: The Pulse Secure client or the Cisco VPN with UMaccess-MFA are the ways to do this. Generally, we recommend that connections like this simply be done using remote desktop rather than mapping the drive locally but that is up to the customer.  This link has more information https://ask.eng.umd.edu/internal/95540

For more information about the Cisco VPN, visit this page https://ask.eng.umd.edu/internal/95539 

For more information about Pulse Secure and our web VPN, please visit our other information page here https://ask.eng.umd.edu/103386




Keywords:vpn pulse secure client   Doc ID:96868
Owner:Gwen F.Group:University of Maryland Engineering IT
Created:2020-01-02 16:34 EDTUpdated:2020-07-02 11:32 EDT
Sites:University of Maryland Engineering IT
Feedback:  0   0